skip book previous and next navigation links
go up to top of book: HP OpenVMS System Manager's Manual, Volume 1:... HP OpenVMS System Manager's Manual, Volume 1:...
go to beginning of chapter: Security Considerations Security Considerations
go to previous page: Creating Access Control Lists Creating Access Control Lists
go to next page: Using the ACL EditorUsing the ACL Editor
end of book navigation links

Assigning ACLs  



You can place ACLs on the following object classes:
Capability

Common event flag cluster

File

Device

Group global section

Logical name table

Queue

Resource domain

Security class

System global section

Volume

Typically, ACLs are used when you want to provide access to an object for some, but not all, users, or if you want to deny access to specific, unprivileged users. When the operating system receives a request for access to an object having an ACL, it searches each access control list entry in the ACL, stopping at the first match. If another match occurs in the ACL, it has no effect. Therefore, ACEs granting or denying access to a protected object for specific users should appear in the ACL before ACEs identifying broader classes of users.

go to previous page: Creating Access Control Lists Creating Access Control Lists
go to next page: Using the ACL EditorUsing the ACL Editor